
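--- a/Mailman/Utils.py
+++ b/Mailman/Utils.py
@@ -252,10 +252,28 @@ CRNLpat = re.compile(r'[^\x21-\x7e]')
 def GetPathPieces(envar='PATH_INFO'):
     path = os.environ.get(envar)
     if path:
+        remote = os.environ.get('HTTP_FORWARDED_FOR',
+                 os.environ.get('HTTP_X_FORWARDED_FOR',
+                 os.environ.get('REMOTE_ADDR',
+                                'unidentified origin')))
         if CRNLpat.search(path):
             path = CRNLpat.split(path)[0]
-            syslog('error', 'Warning: Possible malformed path attack.')
-        return [p for p in path.split('/') if p]
+            syslog('error',
+                'Warning: Possible malformed path attack domain=%s remote=%s',
+                   get_domain(),
+                   remote)
+        # Check for listname injections that won't be websafed.
+        pieces = [p for p in path.split('/') if p]
+        # Get the longest listname or 20 if none.
+        if list_names():
+            longest = max([len(x) for x in list_names()])
+        else:
+            longest = 20
+        if pieces and len(pieces[0]) > longest:
+            syslog('mischief',
+               'Hostile listname: listname=%s: remote=%s', pieces[0], remote)
+            pieces[0] = pieces[0][:longest] + '...'
+        return pieces
     return None
 
 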
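Review bot: The `remote` value built on the first four added lines prefers `HTTP_FORWARDED_FOR` and `HTTP_X_FORWARDED_FOR` over `REMOTE_ADDR`, and those two environment entries are populated from request headers the client sends, so the origin recorded on the 'error' and 'mischief' log lines is whatever the requester chose to put there; for an attribution log it is safer to always record the socket peer and treat the forwarded header as supplementary, e.g. `remote = '%s (forwarded: %s)' % (os.environ.get('REMOTE_ADDR', 'unidentified origin'), os.environ.get('HTTP_X_FORWARDED_FOR', '-'))`. Separately, `list_names()` is called twice in the `longest` computation (once in the condition, once in the comprehension); binding it once with `names = list_names()` avoids repeating whatever lookup it performs and keeps both uses consistent. The function also has no docstring; a short one stating that it returns the non-empty path components after cutting the path at the first non-printable character and truncating an over-long first component would help the next reader.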
